This copy is for your personal non-commercial use only. To order presentation-ready copies of Toronto Star content for distribution to colleagues, clients or customers, or inquire about permissions/licensing, please go to: www.TorontoStarReprints.com

Home Depot investigates suspicious credit card activity

Home Depot is investigating a potentially 'massive' data breach that analysts say could be much larger than Target's 40 million leaked card numbers.(Newsy)

By Bloomberg

Tues., Sept. 2, 2014

Home Depot, the largest home-improvement chain in the U.S., fell as much as 3.4 per cent in New York trading after saying it was working with banks and law enforcement to investigate a possible data breach.

“At this point, I can confirm that we’re looking into some unusual activity and we are working with our banking partners and law enforcement to investigate,” Paula Drake, a spokesperson for the Atlanta-based company, said in an e-mailed statement.

“We are aggressively gathering facts at this point while working to protect customers.”

She declined to say whether Canadians might be affected. “If we confirm that a breach has occurred, we will make sure customers are notified immediately.”

Brian Krebs, the independent journalist who uncovered a hacker attack at Target last year, reported that a “massive” batch of stolen credit- and debit-card information went on sale Tuesday morning. There’s evidence that the cards are linked to Home Depot stores, Krebs said on his website, KrebsOnSecurity.

Article Continued Below

Home Depot shares dropped as low as $89.85 (U.S.) in New York. It closed down 2 percent, at $91.15.

The Atlanta home improvement retailer told The Associated Press Tuesday that it’s looking into “unusual activity” and that it’s working with both banks and law enforcement.
TORONTO STAR FILE PHOTO

“The criminals are getting smarter faster than the companies,” said Jaime Katz, an analyst for Morningstar in Chicago. “If it is something on the scale of Target, there is obviously significant concern.”

Hackers probably installed malicious software on Home Depot’s point-of-sale cash registers capable of stealing bank account information, names, card expiration dates and other data, said Trey Ford, global security strategist for Boston-based software security company Rapid7 LLC. Such an incident would be another example of hackers relying on so-called Backoff malware, which the U.S. Secret Service estimates has been used to target more than 1,000 businesses over the past year.

“This is effectively a keystroke logger,” said Ford, who doesn’t have direct knowledge of the Home Depot attack. “It’s capturing all that stuff that comes in.”

Target, the Minneapolis-based discount chain, has shown how devastating a data breach can be to a retailer. Hackers struck the company last year during the height of the holiday shopping season, tarnishing its reputation and hampering sales. Target’s slow reaction to the incident also drew criticism from lawmakers, and the company ousted its chief executive officer in May. Brian Cornell, a former PepsiCo executive who took the helm at Target last month, is now working to pick up the pieces.

An investigation by Bloomberg Businessweek found Target ignored warnings from its hacker-detection tools, leading to a breach that compromised 40 million credit-card numbers — along with 70 million addresses, phone numbers and other pieces of personal information. Stores in Canada were not affected.

In Home Depot’s case, the suspected breach may have occurred in late April or early May and could encompass all 2,200 of the company’s stores in the U.S., Krebs said. That means it could be larger than the Target incident, he said.

The attack also may have been performed by the same group of hackers that infiltrated Target, possibly as retribution for the U.S. and Europe placing sanctions on Russia, Krebs said. Stolen cards were marketed on a website by the hackers as being “European Sanctions” and “American Sanctions,” he said.

Citigroup Inc., the third-biggest credit-card issuer in the U.S., said it’s stepping up prevention and detection efforts in the wake of the investigation.

“We are actively monitoring accounts, and if we see suspicious activity we will take appropriate actions, which may include reissuing cards for customers,” Janis Tarter, a spokeswoman for New York-based Citigroup, said in an e-mailed statement. “We want our customers to know that, consistent with legal requirements, they are not liable for any unauthorized use of their accounts.”

Other U.S. chains have suffered hacker attacks in recent months, including the supermarket company Supervalu and the Asian-themed eatery P.F. Chang’s China Bistro.

The hackers who targeted Home Depot probably took their time to retrieve the data without detection, Ford said.

“They are efficient, they are focused, and they manage their risk and exposure the same way a business person would,” he said. “It’s kind of a slow game of cat and mouse.”

The Toronto Star and thestar.com, each property of Toronto Star Newspapers Limited, One Yonge Street, 4th Floor, Toronto, ON, M5E 1E6. You can unsubscribe at any time. Please contact us or see our privacy policy for more information.

More from the Toronto Star & Partners

LOADING

Copyright owned or licensed by Toronto Star Newspapers Limited. All rights reserved. Republication or distribution of this content is expressly prohibited without the prior written consent of Toronto Star Newspapers Limited and/or its licensors. To order copies of Toronto Star articles, please go to: www.TorontoStarReprints.com